You may reprint or publish this article free of charge as long as bylines are included.

Original URL (The Web version of the article)
------------
http://www.defendingthenet.com/newsletters/Phishing-AnInterestingTwistToACommonScam.htm

Title
-----
Phishing: An Interesting Twist On A Common Scam
After Two Security Assessments I Must Be Secure, Right?
-----------------------------------------------
Imagine you are the CIO of a national financial institution and you've recently deployed a state-of-the-art online transaction service for your customers. To make sure your company's network perimeter is secure, you commissioned two external security assessments and penetration tests. When the final report came in, your company was given a clean bill of health. At first, you felt relieved and confident in your security measures. Shortly thereafter, your relief turned to concern: "Is it really possible that we are completely secure?" Given your skepticism, you decide to get one more opinion. The day of the penetration test report delivery is now at hand. Based on the previous assessments, you expect to receive nothing but positive information...
The Results Were Less Than Pleasing
--------------------------------------
During this penetration test there were several interesting findings, but we are going to focus on one that would knock the wind out of anyone responsible for the security of online systems, particularly if you are in the business of money.
Most people are familiar with the term "Phishing". Dictionary.com defines the word Phishing as "the practice of luring unsuspecting Internet users to a fake Web site by using authentic-looking email with the real organization's logo, in an attempt to steal passwords, financial or personal information, or introduce a virus attack; the creation of a Web site replica for fooling unsuspecting Internet users into submitting personal or financial information or passwords". Although SPAM / unsolicited e-mail and direct web server compromise are the most common methods of Phishing, there are other ways to accomplish this fraudulent activity.
Internet Router Compromise Makes For A Bad Day
----------------------------------------------
In this case, the Internet router was compromised by using a well-known Cisco vulnerability. Once this was accomplished, the sky was the limit as far as what could be done to impact the organization. Even though the company's web server was secure, and the firewall protecting the web server was configured adequately, what took place next made these defense systems irrelevant: the attacker was sitting on the device that carries the customers' traffic, upstream of both of them.
Instead of setting up a duplicate login site on an external system and then sending out SPAM to entice customers into giving up their user IDs, passwords and account numbers, a different and much more nefarious approach was taken.
Phishing For Personal Or Financial Information
----------------------------------------------